Planet Drupal

Explore the transformative vision behind Drupal Starshot through the insights of Gábor Hojtsy and Pamela Barone. This ambitious initiative addresses Drupal's past criticisms by enhancing user experience and accessibility with innovative UI improvements and pre-packaged feature sets. Delve into the potential and challenges of Starshot and understand how the leadership team is steering Drupal towards a more user-friendly future.

⚠️ Only one day left to buy a @DrupalConEur Early Bird ticket. Join the Starshot track to learn about the Admin UI redesign process, what's behind the Launch button, how will package security be improved further, what will recipes allow you to do and more! https://events.drupal.org/barcelona2024/drupal-starshot-track

The Biggest Challenges in Drupal 10 Migration and How to Overcome Them bhavinhjoshi Thu, 06/27/2024 - 15:34 Drupal 10

Welcome to the world of Drupal 10, a cutting-edge iteration of one of the most powerful and feature-rich content management systems (CMS) available today. Launched in December 2022, Drupal 10 builds on the strengths of its predecessors while offering a range of exciting new features and improvements.

But what makes Drupal 10 stand out? First and foremost, it comes packed with the latest innovations in technology, security, and design, ensuring your website meets the modern-day demands of online users.

One of the most significant advantages of Drupal 10 over previous versions is its improved performance. Drupal 10 is faster and more efficient, providing an enhanced user experience which can lead to higher user engagement, lower bounce rates, and ultimately, increased conversions.

Drupal 10 also provides better security with its automatic updates feature, without relying on third-party plugins. This means you can rest easy knowing your website is always up-to-date and protected against potential cyber threats.

Furthermore, Drupal 10 comes with a new administrative theme, Olivero, that is more accessible and user-friendly. This makes it easier for website administrators to manage and edit content.

Inclusivity is also a major focus in Drupal 10. The CMS is designed to be more accessible, addressing the needs of users with disabilities and making the internet a more inclusive space for everyone.

Migrating to Drupal 10 may present some challenges, but the benefits far outweigh the hurdles. In this post, we will explore some of these challenges and provide practical solutions to ease the migration process. So, let's get started.

 

The Challenge of Deprecated Modules

One of the key challenges you might face when migrating to Drupal 10 is dealing with deprecated modules. “Deprecated” in this sense means that these modules are no longer recommended for use and are slated for removal in future versions of Drupal.

In previous versions of Drupal, you may have installed certain modules to extend the functionality of your site. These modules could range from image sliders and SEO tools, to custom field types and formatting options. However, since Drupal 10 is a step forward in terms of technology and usability, some of these modules might not be compatible with the new version.

When these deprecated modules are not supported by Drupal 10, they can cause disruption to the functionality of your website during the migration process. It's as if you're trying to fit a square peg into a round hole. The two are simply not compatible, and forcing them together won't work.

For example, you may find that a custom field type provided by a deprecated module no longer works in Drupal 10. This could lead to data loss, or perhaps certain sections of your website not displaying correctly. If your website heavily relies on such deprecated modules, this could potentially cause significant disruption to your site's functionality and user experience.

 

The Solution: Identifying and Replacing Deprecated Modules

Addressing the issue of deprecated modules requires a two-step process: identifying them and then replacing them with suitable alternatives in Drupal 10.

Identifying Deprecated Modules

The first step is to identify which modules on your site are deprecated. Drupal makes this process relatively straightforward with the use of the Upgrade Status module. This module provides a comprehensive report of all the deprecated code that your site is using, including modules.

To use the Upgrade Status module, you simply need to install it on your Drupal site and run a scan. The module will produce a list of deprecated modules you're currently using, making it easy for you to see what needs changing.

Replacing Deprecated Modules

Once you've identified the deprecated modules, the next step is to find suitable replacements.

Start by researching if there are updated versions of these modules that are compatible with Drupal 10. Module maintainers often release updated versions for new Drupal releases. You can usually find this information on the module's page on the Drupal website.

If a deprecated module doesn't have an updated version, you'll need to find an alternative module that offers similar functionality. The Drupal community is a good place to start your search. You can also ask for recommendations from other Drupal users. It's likely that others have faced a similar issue and can recommend a suitable module.

In some cases, you might find that the functions provided by a deprecated module have been incorporated into Drupal 10's core. In this case, you simply need to enable the corresponding functionality in Drupal 10.

Remember, always test new modules on a development version of your site before installing them on your live site. This way, you can ensure that the new module works correctly and doesn't cause any issues.

While dealing with deprecated modules can be a bit of a headache, it can also be an opportunity to streamline your site and improve its functionality.

 

The Challenge of Custom Code

If you've been operating a Drupal site for some time, it's likely that you or your development team have written custom code to tailor the website to your specific needs. This custom code could include anything from unique themes to specific functionalities that are critical to your website's operation. While this helps make your site uniquely yours, it can pose challenges during the migration process to Drupal 10.

Primarily, some of your custom code may not be compatible with Drupal 10 due to the differences in code requirements and standards between different Drupal versions. Your custom code may be using functions or methods that are deprecated in Drupal 10, or the architecture of Drupal 10 may simply not support your custom code.

This incompatibility can lead to errors during your site's migration to Drupal 10, causing certain functionalities to break or not function as intended. In worst-case scenarios, incompatible custom code can even make your website inaccessible. This can lead to a poor user experience, potentially causing lost audience engagement or revenue.

The challenge posed by custom code, therefore, is twofold: you need to identify the custom code that's causing issues, and then update or rewrite this code to be compatible with Drupal 10. This process can be time-consuming and complex, requiring a deep understanding of Drupal's coding requirements and standards.

 

The Solution: Identifying and Refactoring Custom Code

Managing custom code for a Drupal 10 migration can seem daunting, but with the right approach, it doesn't have to be. Here's how to go about it:

Identifying Problematic Custom Code

Much like identifying deprecated modules, the first step is to identify which parts of your custom code may be problematic in Drupal 10. The Upgrade Status module comes in handy here as well. Beyond just identifying deprecated modules, this tool can also scan your custom code to find deprecated API use and other potential issues that could cause problems in Drupal 10.

Another tool you can use is the Drupal-check command-line tool. This tool uses the same underlying library as the Upgrade Status module to check custom code for deprecations and other potential pitfalls.

Refactoring Custom Code:

After identifying the troublesome parts of your custom code, the next step is to refactor them to be compatible with Drupal 10. Simply put, refactoring is the process of altering the code without changing its external behavior.

If the Upgrade Status module flagged some code as deprecated, the report will usually include suggestions for what to replace the deprecated code with. If it doesn't, the Drupal API documentation can be a helpful resource. You'll have to replace deprecated function calls, alter data structures, or even rearchitect some parts of your code to ensure compatibility.

In some cases, the changes required might be quite extensive, especially for code written for earlier versions of Drupal. If you're not comfortable doing this on your own, it may be worth hiring a Drupal developer with experience in migrations.

Finally, it's crucial to thoroughly test your changes to ensure that they work correctly and have not altered the expected behavior of your website. Automated testing tools can be a great help in this regard, ensuring your code is robust and ready for migration to Drupal 10.

Refactoring custom code for Drupal 10 can be an involved process, but it's a vital step in preparing your site for the migration. With careful planning and diligent testing, you can make your transition to Drupal 10 smoother and more successful.

 

The Challenge of Ensuring Consistent Performance

As with any major update or migration, moving to Drupal 10 can potentially impact the performance of your website. Performance, in this context, relates to how quickly your website loads, how smoothly it operates, and how well it manages the resources of the server it's hosted on.

While Drupal 10 is designed to be faster and more efficient than its predecessors, the migration process itself can lead to unexpected dips in performance. For instance, new modules or updated versions of existing ones may not be as optimised as those on your current site, slowing down load times. Similarly, potential compatibility issues with custom code may lead to increased server load, impacting website speed and overall performance.

Besides the technical aspects, user experience can also be affected during the migration process. Changes in layout due to a new theme or variations in navigational structures can disorient regular visitors, affecting user engagement and bounce rates.

These performance risks are a vital concern during migration because an optimally performing website is crucial for maintaining user engagement, SEO rankings, and overall user satisfaction.
 

 

The Solution: Monitoring Performance and Identifying Areas for Improvement

Monitoring your site’s performance pre, mid and post migration can play a pivotal role in ensuring a successful transition to Drupal 10. Here is how you can stay on top of it:

Benchmarking Performance Pre-Migration

Before you begin the migration process, document your website's current performance. This includes page load times, server response times, error rates, and any other relevant metrics. Use tools like Google PageSpeed Insights, GTMetrix, or Pingdom to gather this data. Having this information will allow you to compare performance before and after the migration, and identify any areas that need improvement.

Maintaining Performance During Migration

During the migration process, ensure that your website remains in an operational state. Regularly check for any potential performance drops or system errors. Drupal’s built-in watchdog logs and your server’s error logs are critical tools for this.

Optimising Performance Post-Migration

Once the migration is complete, return to your benchmark data and conduct the same tests again. If performance has dropped in any area, take steps to address this. Your solutions might include enabling caching, optimising images, reducing the number of HTTP requests, updating or replacing inefficient modules, or refactoring custom code for better performance.

Ensuring User Experience

Remember, performance isn't just about speed. User experience, which includes factors like site navigation and layout consistency, also plays a huge role. Use heat maps, session recording tools, and user feedback to understand how changes in Drupal 10 have affected the user experience and adjust accordingly.

Involving SEO

Ensure that your website's SEO hasn't been negatively impacted by the migration. Tools like Google Search Console can alert you to any crawl errors that might have occurred due to the migration. Also, ensure that any URLs that have changed due to the migration are properly redirected to prevent 404 errors.

By keeping a close eye on performance and being ready to take corrective action, you can ensure that your Drupal 10 migration is seamless and minimises disruption to your site's performance and user experience.

 

Conclusion

In this blog post, we have navigated through the challenges and solutions of migrating to Drupal 10, covering deprecated modules, custom code, and ensuring consistent performance.

Undeniably, the migration process can seem daunting, with the potential for bumps along the way. However, with meticulous planning, problem-solving, and performance monitoring, these hurdles can be overcome. The Upgrade Status module, refactoring custom code, and constant performance tracking are essential tools in your migration toolbox.

But, it's crucial to remember that while the migration to Drupal 10 requires effort, the rewards are absolutely worthwhile. With Drupal 10, you gain a faster, more secure, and highly efficient website that is designed to provide an enhanced user experience and keep you ahead in the digital space. It also ensures that your website is on the most recent and supported version of Drupal, protecting your online presence in the long run.

So, prepare yourself, embrace the upgrade, and take your website to new heights with Drupal 10. Remember, every challenge is an opportunity in disguise. Happy migrating!

Drupal Drupal 10 Drupal Planet Drupal migration

Explore the latest CKEditor 5 Plugin Pack 1.1.0 and CKEditor 5 Premium Features 1.2.9 for Drupal 10.3. Enhance your content creation with new features like Templates, Auto Image, and Multi-level List. Discover seamless integration and improved editing tools.

Previously, we explored generating migrations using the Migrate Upgrade module and managing them with Migrate Plus. Today, we cover migration plugins from Drupal Core. The two main methods differ in file patterns, locations, and change detection. Learn how to organize your code effectively and customize your approach for optimal results. This article is packed with practical tips and insights to make your migration smoother and more efficient. Get ahead of the curve – read our guide and migrate with confidence!

Read more mauricio Thu, 06/27/2024 - 04:00

Authored by Nadiia Nykolaichuk.

Your Drupal website is an advanced, powerful, and intelligent system capable of performing remarkable tasks. One of them is triggering automatic actions in response to certain events, which opens a treasure trove of options to meet your needs.

Date: 2024-June-26Description: 

Following on from previous PSAs on 3rd Party code in the Drupal ecosystem:

• PSA-2011-002 - External libraries and plugins
• Various 3rd Party Vulnerabilities - PSA-2019-09-04 | Drupal.org

It is the policy of the Drupal Security Team that site owners are responsible for monitoring and maintaining the security of 3rd party libraries.

Supply chains are increasingly complex, and managing the associated risks is challenging. Website owners should actively manage their dependencies, potentially leveraging a Software Bill of Materials (SBOM) or scanner services. Other relevant tools include CSP and SRI.

Concerns around polyfill.io

The most recent case that has affected some contributed Drupal projects relates to the polyfill.io service.

Recently, a new organization acquired and updated the polyfill.io service. The new service appears to be serving malicious content from the polyfill.io endpoints under specific circumstances.

• https://thehackernews.com/2024/06/over-110000-websites-affected-by.html
• https://sansec.io/research/polyfill-supply-chain-attack
• https://github.com/polyfillpolyfill/polyfill-service/issues/2873

In response to these concerns, several trusted providers of Javascript libraries are now also serving replacements for the polyfill.io service. Website owners should update their site to incorporate a newer, more reliable source for the polyfill.io files.

• https://community.fastly.com/t/new-options-for-polyfill-io-users/2540
• https://blog.cloudflare.com/polyfill-io-now-available-on-cdnjs-reduce-yo...

On the other hand, the polyfills may no longer be necessary in many cases, and it may be possible to remove them from sites rather than rely on a new source.

Multiple Drupal projects utilize this service in various ways; several of which require code changes and new releases to switch to alternative providers. As this relates to 3rd party libraries, the Drupal Security Team will not be issuing Security Advisories for these projects and work has been done in the public issue queues (note this may not be a complete list of all affected projects).

There have been significant changes in the way that 3rd party code is utilized in the Drupal ecosystem since PSA-2011-002 linked to above, but the remit of the Drupal Security Team remains limited to code hosted on drupal.org’s systems.

Reported By: 

• Heikki Ylipaavalniemi
• jpieper
• drupalam

Coordinated By: 

• Drew Webber of the Drupal Security Team
• Greg Knaddison of the Drupal Security Team
• Cathy Theys of the Drupal Security Team
• Juraj Nemec of the Drupal Security Team
• Michael Hess of the Drupal Security Team

When a new major version of Drupal is released, custom code often requires updates to align with API changes, including the removal of deprecated APIs.

Because I keep forgetting certain aspects of this workflow, I decided to document it for future reference.

Tools overview Tool Interface Functionality Target Audience Upgrade Status module UI in Drupal Identifies deprecated code, hosting environment compatibility, and more Site administrators and developers Drupal Check Command-line Identifies deprecated code Developers, especially during coding and continuous integration (CI) Upgrade Status module

The Upgrade Status module assesses a Drupal site's readiness for major version upgrades by checking for deprecated code and other compatibility issues.

Screenshot of a Drupal upgrade status report showing hosting environment compatibility checks.

1. Install the Upgrade Status module like you would install any other Drupal module:

   [code bash]$ ddev composer require –dev drupal/upgrade_status[/code]

   Here, ddev is the tool I prefer for managing my local development environment. composer is a dependency manager for PHP, commonly used to install Drupal modules. The –dev option specifies that the module should be installed as a development requirement, meaning it is necessary for development environments but not installed on production environments.

2. Enable the Upgrade Status module:

   [code bash]$ ddev drush pm-enable upgrade_status[/code]

   drush stands for "Drupal shell" and is a command-line utility for managing Drupal sites. The command pm:enable (where pm stands for "package manager") is used to enable a module in Drupal.

3. After enabling the module, you can access its features by navigating to the Admin > Reports > Upgrade status page at /admin/reports/upgrade-status.

Upgrading PHP and MySQL using DDEV

The Upgrade Status module might recommend updating PHP and MySQL, per Drupal's system requirements.

To update the PHP version of DDEV, use the following command:

[code bash]$ ddev config –-php-version 8.3[/code]

To upgrade the MySQL version of DDEV and migrate your database content, use the following command:

[code bash]$ ddev debug migrate-database mariadb:10.11[/code]

After updating these settings, I restart DDEV and run my PHPUnit tests. Although these tests are integrated into my CI/CD workflow, I also run them locally on my development machine using DDEV for immediate feedback.

Drupal Check

Drupal Check is a command-line tool that scans Drupal projects for deprecated code and compatibility issues.

I always run drupal-check before updating my Drupal site's code and third-party dependencies. This helps ensure there are no compatibility issues with the current codebase before upgrading. I also run drupal-check after the update to identify any new issues introduced by the updated code.

Output of Drupal Check command indicating no deprecated code was found.

1. Installation:

   [code bash]$ ddev composer require –dev mglaman/drupal-check[/code]

2. Run Drupal Check from the root of your Drupal installation:

   [code bash]$ ./vendor/bin/drupal-check –-memory-limit 500M docroot/modules/custom[/code]

   I usually have to increase the memory limit, hence the --memory-limit 500M.

In the face of rapid technological advancements, particularly in artificial intelligence (AI), developers must adapt to exponential change or risk obsolescence. This article by Jay Callicott explores the significance of understanding exponential growth, the transformative power of AI in development, and the critical role of prompt engineering. By harnessing AI tools like the DrupalAI module, developers can innovate with unprecedented speed and efficiency, navigating the accelerating pace of change in the digital landscape.

Here's what I've been working on for my LocalGov Drupal contributions this week. Thanks to Big Blue Door for sponsoring the time to work on these.

RSS is a great way to syndicate your content, but setting up a feed correctly displaying your articles can be tricky. In this blog post I will show you how to use Views to build the perfect feed in Drupal 10 or Drupal 11.

At the beginning of May, over a thousand people converged on the Oregon Convention Center in Portland, Oregon, for four days packed with announcements, learning opportunities, and comradery with the larger Drupal community. Among the many attendees, twenty-eight members of the Tag1 Team joined sessions, discussions, and led three impactful presentations – including the introduction of Gander as part of the Initiatives Keynote. Now that our team has slept off the jetlag and unpacked their bags, we’re reflecting on DrupalCon Portland and, specifically, Tag1’s highlights. Initiatives Keynote: Introducing Gander Tag1’s Strategic Growth and Innovation Manager, Janez Urevc , was invited to speak as part of the Drupal Project Initiatives Keynote on Day 3 of the conference. Gander was a hit! It was standing room only, and attentive attendees took notes and snagged the links to review more information at a later time. “While I presented at many DrupalCons in the past,” Janez said, “this was my first DrupalCon keynote. I spent significantly more time (and it was more stressful) preparing for those 6.5 minutes than for my entire 45-minute talk. But it was all worth it and I really enjoyed doing it at the end.” Janez introduced Gander , the...

Read more Jeremy Tue, 06/25/2024 - 06:57

Drupal Developer Days Burgas 2024, from June 26-28 at Burgas Free University, features sessions, workshops, and discussions on AI integration, Drupal 7 support, and community collaboration. Key organizers and speakers share their insights and expectations for the event.

Before diving into the differences between SAML (Security Assertion Markup Language) and OAuth 2.0, let's first discuss what they have in common. Both are protocols used for authentication and authorization. While these terms are sometimes mistakenly used interchangeably, they serve distinct purposes. Authentication asks, “Who are you?”, whereas authorization asks, “What are you allowed to do?”.  This means that SAML and OAuth 2.0 are used for very distinctive purposes and work on different mechanisms. The good news is that Drupal integrates really well with both these protocols. In this article, we’ll talk about how different the protocols are from each other and also how to implement them in your Drupal 10 website. What is SAML SAML is an XML-based authentication system that works across different domains. It lets you do Single Sign-On (SSO), so you can access multiple applications with just one set of credentials. Key components of SAML 1. Assertions Assertions are the heart of SAML transactions. They contain information about a user, such as their identity, attributes, and authentication status. SAML defines three types of assertions: Authentication, Attribute, and Authorization Decision. 2. Identity Provider (IdP) The IdP is responsible for authenticating users and generating SAML assertions. It acts as a trusted entity that asserts the identity of users to service providers. 3. Service Provider (SP) It is the application or service a user is trying to access. The SP consumes SAML assertions and makes access control decisions based on the information provided by the IdP. 4. Single Sign-On (SSO): SAML enables SSO, allowing users to authenticate once with the IdP and access multiple SPs without re-entering credentials. The SAML Workflow User Access RequestA user attempts to access a service or application (SP). SP Initiated SSOThe Service Provider (SP) creates an SAML authentication request, initiating the process by redirecting the user to the Identity Provider (IdP). IdP AuthenticationThe IdP authenticates the user. SAML Assertion GenerationUpon successful authentication, the IdP generates a SAML assertion containing user information. Assertion Delivery to SPThe IdP sends the SAML assertion to the user's browser, which then delivers it to the SP. SP ValidationThe SP validates the SAML assertion, and if successful, grants the user access. Image source: Drupal.org Implementing SAML in Drupal 10 Ensure that you have Drupal 10 installed and configured. Ensure that Composer is installed on your local system before proceeding. Install the miniorange_saml Authentication Module: composer require 'drupal/miniorange_saml:^3.0' Enable the module: drush en miniorange_saml Configure your SP’s by following the steps mentioned in the “Readme.md” file of module. Checkout the official documentation of SSO using Google Apps as Identity Provider (IDP).Note: We can also configure SAML to work as an IdP for others which they can use to get sign into other’s platform using our IdP platform (Drupal). For more information please checkout the official documentation here. What is OAuth2 OAuth 2.0 authentication is a method of granting users access to a protected resource, such as a website or application, without sharing their username and password. Instead, the user grants permission to a third-party application, which then accesses the protected resource on their behalf.  This provides an extra layer of security and allows for more control over the user's data.OAuth2 is commonly used for social media, email, and other online services. The thing to note here is that OAuth2 is an authorization mechanism, not an authentication mechanism. Key Components of OAuth2 1. Resource Owner (User) The Resource Owner is an entity (typically a user) that owns the protected resources. These resources could include data, images, or any other type of information. 2. Client The Client, representing the application or service, initiates requests for access to protected resources on behalf of the Resource Owner. It may take the form of a web application, mobile app, or any other software application. 3. Authorization Server This is responsible for authenticating the Resource Owner(User), obtaining their consent, and issuing access tokens. It plays a pivotal role in the OAuth2 workflow, ensuring secure authorization processes. 4. Resource Server The Resource Server is the host for the protected resources that the Client intends to access. It verifies the validity of access tokens provided by the Client and provides the requested resources if the token is deemed valid. 5. Access Token The Access Token is a credential representing the authorization granted to the Client. It is a string that the Client includes in its requests to the Resource Server to access the protected resources. 6. Authorization Grant An Authorization Grant is a credential representing the Resource Owner's authorization for the Client to access their protected resources. There are various types of authorization grants, including authorization codes, implicit grants, client credentials, and resource owner passwords. 7. Redirection URI During the OAuth2 flow, the Client specifies a Redirection URI where the Authorization Server sends the user after authentication and consent. This URI is used to deliver the authorization code or access token back to the Client. 8. Scope The Scope parameter defines the range of the access that the Client is requesting. It specifies the permissions the Client is seeking from the Resource Owner. Scopes can be predefined or defined by the application. 9. Token Endpoint The Token Endpoint is an endpoint on the Authorization Server used by the Client to exchange the Authorization Grant for an Access Token. It plays a crucial role in the OAuth2 Token Exchange process. 10. Refresh Token The Refresh Token is an optional credential that can be used by the Client to obtain a new Access Token without requiring the Resource Owner to reauthenticate. It provides a way to extend the validity of the access. The OAuth2 Workflow The client initiates the authentication process by redirecting the user to the authorization server. The user authenticates with the authorization server and grants permissions to the client. The authorization server grants an access token to the client. The client presents the access token to the resource server to access protected resources on behalf of the user. Image Source: Oracle Implementing OAuth 2.0 in Drupal Let’s take an example of logging into a Drupal site using Google credentials: 1. Install and Enable the OAuth2 Authentication Module Download and install the OAuth2 Authentication respective module from the Drupal.org website or using Composer. Enable the module in the Drupal administration interface. 2. Configure OAuth2 Providers Navigate to the Configuration page and select OAuth2 Authentication settings. Add a new OAuth2 provider configuration by providing details such as client ID, client secret, authorization endpoint, token endpoint, and scope and save configuration. For detailed information please refer to module’s README.md file. 3. Test Authentication Integration Once the OAuth2 provider is configured, Drupal will handle the authentication flow automatically. Test the integration by logging out of Drupal and attempting to log in using the OAuth2 provider credentials. Verify that the authentication process is successful and that user accounts are created or linked appropriately. 4. Secure Access and Manage Permissions Ensure that access tokens are securely stored and transmitted to prevent unauthorized access. Manage permissions and access control settings within Drupal to restrict access to sensitive resources based on user roles and permissions. Key differences between SAML and OAuth2 Feature SAML OAuth2 Purpose Identify and Single Sign-On (SSO) Authorization and Access Control Use Case Authentication or Cross-domain authentication Authorization or Third-party application authorization Protocol Type Authentication protocol Authorization framework Authentication Flow Browser Redirect (POST or Artifact Binding) Redirect or Direct Communication Token Type Assertions (SAML Tokens, typically XML) Access Tokens like: JWT, Bearer Tokens, etc (typically JSON) Token Validations Signature verifications Token validation against Authorization Server Scenarios Often used for enterprise SSO Commonly used in API access and third-party integrations Use with APIs Less common for APIs authrorization Widely used for securing APIs’ and accessing resources Supported by Drupal Yes, via modules such as SimpleSAMLphp Yes, via modules like Social OAuth authentications Integration Complexity More complex due to SSO and identity mapping Generally simpler for basic use cases Use in Mobile Apps Possible, but less common Commonly used for mobile app authentication User Experience Seamless SSO experience for users Transparent authorization for users Examples in Drupal Modules SimpleSAMLphp, Shibboleth OAuth2 Authentication, OAuth2 Server Final Thoughts It's important to note that SAML and OAuth2 serve different purposes, and in some scenarios, they can be used together. For instance, SAML could handle authentication, and OAuth2 could handle authorization in a federated identity scenario. The choice between SAML and OAuth2 often depends on the specific requirements of the application and the use case. Drupal 10 provides modules for both SAML and OAuth2 to accommodate various authentication and authorization needs. Talk to our Drupal experts to find out how we, as a leading Drupal development company, can help build secure, robust, and user-friendly digital solutions with Drupal.

Working as a Drupal contractor can be rewarding and fulfilling, but it also comes with its own set of challenges. In this article, we'll explore 6 tips for boosting productivity and success as an independent contractor. From setting clear goals and priorities to staying organized and keeping your skills up-to-date, these tips can help you be more efficient and effective in your work. We'll also discuss the importance of networking and building relationships, as well as how to negotiate fair and reasonable rates for your services. By following these tips, you can set yourself up for success and enjoy a fulfilling career as an independent Drupal contractor.

The question we want to answer in this blog post is whether Drupal is still the leading CMS platform in 2022 and beyond. If you have been thinking of trying out Drupal, this article will help you decide whether it is still worth it in 2022. Let’s jump right in!

I have been attending Drupal Dev Days for the fifth time and I have to say that this year’s event was as great as the other ones. The tech talks were really interesting and I learned a lot about new trends in the industry. In this article my highlights.

We are working on porting Feeds to Drupal 8 today at the Global Sprints weekend in Amsterdam. We would like to know from you how you use these and similar import/export modules and what functionality you like but still miss in Drupal 8.

As always the Drupal Association puts videe-recording of most sessions on DrupalCon Youtube.
That is also true for the now ongoing DrupalCon New Orleans 2016.
An excellent option for learning and understanding Drupal. (and following the event!)

Drupal 8 is better than Drupal 7. Data-modelling, performance, multi-language. It feels so much more robust this day. More functionality is in-core and fully tested.
In a conceptual way, Drupal 8 is not so different from Drupal 7. The Administration-UI’s are the same and you probably will also use the same modules for a project. Site builders will feel really comfortable.
All-in-all I am getting excited about Drupal 8!